[JAVA-29009] Upgrade to spring-reactive-oauth module to Spring Boot 3 (#16328)

spring-reactive-modules/spring-reactive-oauth/pom.xml

@@ -11,9 +11,10 @@
     <description>WebFlux and Spring Security OAuth</description>
 
     <parent>
-        <groupId>com.baeldung.spring.reactive</groupId>
+        <groupId>com.baeldung</groupId>
-        <artifactId>spring-reactive-modules</artifactId>
+        <artifactId>parent-boot-3</artifactId>
-        <version>1.0.0-SNAPSHOT</version>
+        <version>0.0.1-SNAPSHOT</version>
+        <relativePath>../../parent-boot-3</relativePath>
     </parent>
 
     <dependencies>
@@ -62,4 +63,8 @@
         </plugins>
     </build>
 
+    <properties>
+        <start-class>com.baeldung.reactive.oauth.Spring5ReactiveOauthApplication</start-class>
+    </properties>
+
 </project>

spring-reactive-modules/spring-reactive-oauth/src/main/java/com/baeldung/reactive/oauth/SecurityConfig.java

@@ -1,6 +1,7 @@
 package com.baeldung.reactive.oauth;
 
 import org.springframework.context.annotation.Bean;
+import org.springframework.security.config.Customizer;
 import org.springframework.security.config.annotation.web.reactive.EnableWebFluxSecurity;
 import org.springframework.security.config.web.server.ServerHttpSecurity;
 import org.springframework.security.web.server.SecurityWebFilterChain;
@@ -10,10 +11,11 @@ public class SecurityConfig {
 
         @Bean
         public SecurityWebFilterChain configure(ServerHttpSecurity http) throws Exception {
-            return http.authorizeExchange()
+            return http.authorizeExchange(auth -> auth
                 .pathMatchers("/about").permitAll()
-                .anyExchange().authenticated()
+                .anyExchange().authenticated())
-                .and().oauth2Login()
+                .oauth2Login(Customizer.withDefaults())
-                .and().build();
+                .build();
         }
+
 }

spring-reactive-modules/spring-reactive-oauth/src/main/java/com/baeldung/reactive/oauth/Spring5ReactiveOauthApplication.java

@@ -4,9 +4,12 @@ import org.springframework.boot.SpringApplication;
 import org.springframework.boot.autoconfigure.SpringBootApplication;
 import org.springframework.context.annotation.Bean;
 import org.springframework.context.annotation.PropertySource;
+import org.springframework.security.oauth2.client.registration.ClientRegistration;
+import org.springframework.security.oauth2.client.registration.InMemoryReactiveClientRegistrationRepository;
 import org.springframework.security.oauth2.client.registration.ReactiveClientRegistrationRepository;
 import org.springframework.security.oauth2.client.web.reactive.function.client.ServerOAuth2AuthorizedClientExchangeFilterFunction;
 import org.springframework.security.oauth2.client.web.server.ServerOAuth2AuthorizedClientRepository;
+import org.springframework.security.oauth2.core.AuthorizationGrantType;
 import org.springframework.web.reactive.function.client.WebClient;
 
 @PropertySource("classpath:default-application.yml")
@@ -24,4 +27,13 @@ public class Spring5ReactiveOauthApplication {
             .filter(filter)
             .build();
     }
+
+    @Bean
+    public ReactiveClientRegistrationRepository clientRegistrations() {
+        ClientRegistration registration =   ClientRegistration.withRegistrationId("bael").authorizationGrantType(
+            AuthorizationGrantType.CLIENT_CREDENTIALS).clientId("bael").tokenUri("default").build();
+
+        return new InMemoryReactiveClientRegistrationRepository(registration);
+
+    }
 }

spring-reactive-modules/spring-reactive-oauth/src/main/java/com/baeldung/webclient/authorizationcodeclient/configuration/WebSecurityConfig.java

@@ -2,6 +2,7 @@ package com.baeldung.webclient.authorizationcodeclient.configuration;
 
 import org.springframework.context.annotation.Bean;
 import org.springframework.context.annotation.Configuration;
+import org.springframework.security.config.Customizer;
 import org.springframework.security.config.web.server.ServerHttpSecurity;
 import org.springframework.security.web.server.SecurityWebFilterChain;
 
@@ -9,13 +10,9 @@ import org.springframework.security.web.server.SecurityWebFilterChain;
 public class WebSecurityConfig {
     @Bean
     public SecurityWebFilterChain springSecurityFilterChain(ServerHttpSecurity http) {
-        http.authorizeExchange()
+        http.authorizeExchange(s-> s.anyExchange().authenticated())
-            .anyExchange()
+            .oauth2Client(Customizer.withDefaults())
-            .authenticated()
+            .formLogin(Customizer.withDefaults());
-            .and()
-            .oauth2Client()
-            .and()
-            .formLogin();
         return http.build();
     }
 

spring-reactive-modules/spring-reactive-oauth/src/main/java/com/baeldung/webclient/authorizationcodelogin/configuration/WebSecurityConfig.java

@@ -2,6 +2,7 @@ package com.baeldung.webclient.authorizationcodelogin.configuration;
 
 import org.springframework.context.annotation.Bean;
 import org.springframework.context.annotation.Configuration;
+import org.springframework.security.config.Customizer;
 import org.springframework.security.config.web.server.ServerHttpSecurity;
 import org.springframework.security.web.server.SecurityWebFilterChain;
 
@@ -9,11 +10,8 @@ import org.springframework.security.web.server.SecurityWebFilterChain;
 public class WebSecurityConfig {
     @Bean
     public SecurityWebFilterChain springSecurityFilterChain(ServerHttpSecurity http) {
-        http.authorizeExchange()
+        http.authorizeExchange(s-> s.anyExchange().authenticated())
-            .anyExchange()
+            .oauth2Login(Customizer.withDefaults());
-            .authenticated()
-            .and()
-            .oauth2Login();
         return http.build();
     }
 

spring-reactive-modules/spring-reactive-oauth/src/main/java/com/baeldung/webclient/clientcredentials/configuration/WebClientConfig.java

@@ -1,22 +1,60 @@
 package com.baeldung.webclient.clientcredentials.configuration;
 
+import org.springframework.beans.factory.annotation.Value;
 import org.springframework.context.annotation.Bean;
 import org.springframework.context.annotation.Configuration;
+import org.springframework.security.oauth2.client.AuthorizedClientServiceReactiveOAuth2AuthorizedClientManager;
+import org.springframework.security.oauth2.client.InMemoryReactiveOAuth2AuthorizedClientService;
+import org.springframework.security.oauth2.client.ReactiveOAuth2AuthorizedClientProvider;
+import org.springframework.security.oauth2.client.ReactiveOAuth2AuthorizedClientProviderBuilder;
+import org.springframework.security.oauth2.client.registration.ClientRegistration;
+import org.springframework.security.oauth2.client.registration.InMemoryReactiveClientRegistrationRepository;
 import org.springframework.security.oauth2.client.registration.ReactiveClientRegistrationRepository;
 import org.springframework.security.oauth2.client.web.reactive.function.client.ServerOAuth2AuthorizedClientExchangeFilterFunction;
-import org.springframework.security.oauth2.client.web.server.UnAuthenticatedServerOAuth2AuthorizedClientRepository;
+import org.springframework.security.oauth2.core.AuthorizationGrantType;
 import org.springframework.web.reactive.function.client.WebClient;
 
 @Configuration
 public class WebClientConfig {
 
     @Bean
-    WebClient webClient(ReactiveClientRegistrationRepository clientRegistrations) {
+    ReactiveClientRegistrationRepository clientRegistrations(
-        ServerOAuth2AuthorizedClientExchangeFilterFunction oauth = new ServerOAuth2AuthorizedClientExchangeFilterFunction(clientRegistrations, new UnAuthenticatedServerOAuth2AuthorizedClientRepository());
+        @Value("${spring.security.oauth2.client.provider.bael.token-uri}") String token_uri,
-        oauth.setDefaultClientRegistrationId("bael");
+        @Value("${spring.security.oauth2.client.registration.bael.client-id}") String client_id,
-        return WebClient.builder()
+        @Value("${spring.security.oauth2.client.registration.bael.client-secret}") String client_secret,
-            .filter(oauth)
+        @Value("${spring.security.oauth2.client.registration.bael.authorization-grant-type}") String authorizationGrantType
+
+    ) {
+        ClientRegistration registration = ClientRegistration
+            .withRegistrationId("keycloak")
+            .tokenUri(token_uri)
+            .clientId(client_id)
+            .clientSecret(client_secret)
+            .authorizationGrantType(new AuthorizationGrantType(authorizationGrantType))
             .build();
+        return new InMemoryReactiveClientRegistrationRepository(registration);
+    }
+    @Bean
+    public AuthorizedClientServiceReactiveOAuth2AuthorizedClientManager authorizedClientManager(
+        ReactiveClientRegistrationRepository clientRegistrationRepository) {
+        InMemoryReactiveOAuth2AuthorizedClientService clientService =
+            new InMemoryReactiveOAuth2AuthorizedClientService(clientRegistrationRepository);
+        ReactiveOAuth2AuthorizedClientProvider authorizedClientProvider =
+            ReactiveOAuth2AuthorizedClientProviderBuilder.builder().clientCredentials().build();
+        AuthorizedClientServiceReactiveOAuth2AuthorizedClientManager authorizedClientManager =
+            new AuthorizedClientServiceReactiveOAuth2AuthorizedClientManager(
+                clientRegistrationRepository, clientService);
+        authorizedClientManager.setAuthorizedClientProvider(authorizedClientProvider);
+        return authorizedClientManager;
     }
 
+    @Bean
+    WebClient webClient(AuthorizedClientServiceReactiveOAuth2AuthorizedClientManager auth2AuthorizedClientManager) {
+        ServerOAuth2AuthorizedClientExchangeFilterFunction oauth2Client =
+            new ServerOAuth2AuthorizedClientExchangeFilterFunction(auth2AuthorizedClientManager);
+        oauth2Client.setDefaultClientRegistrationId("bael");
+        return WebClient.builder()
+            .filter(oauth2Client)
+            .build();
+    }
 }

spring-reactive-modules/spring-reactive-oauth/src/main/java/com/baeldung/webclient/manualrequest/configure/WebClientConfig.java

@@ -11,6 +11,6 @@ public class WebClientConfig {
     public WebClient configureWebClient() {
         return WebClient.builder()
             .build();
-    };
+    }
 
 }

spring-reactive-modules/spring-reactive-oauth/src/main/java/com/baeldung/webclient/manualrequest/configure/WebSecurityConfig.java

@@ -9,9 +9,7 @@ import org.springframework.security.web.server.SecurityWebFilterChain;
 public class WebSecurityConfig {
     @Bean
     public SecurityWebFilterChain springSecurityFilterChain(ServerHttpSecurity http) {
-        http.authorizeExchange()
+        http.authorizeExchange(s -> s.anyExchange().permitAll());
-            .anyExchange()
-            .permitAll();
         return http.build();
     }
 }

spring-reactive-modules/spring-reactive-oauth/src/test/java/com/baeldung/reactive/oauth/Spring5ReactiveOauthIntegrationTest.java

@@ -1,12 +1,13 @@
 package com.baeldung.reactive.oauth;
 
+import com.baeldung.webclient.clientcredentials.configuration.WebClientConfig;
 import org.junit.Test;
 import org.junit.runner.RunWith;
 import org.springframework.boot.test.context.SpringBootTest;
 import org.springframework.test.context.junit4.SpringRunner;
 
 @RunWith(SpringRunner.class)
-@SpringBootTest
+@SpringBootTest(classes = WebClientConfig.class)
 public class Spring5ReactiveOauthIntegrationTest {
 
 	@Test